git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
	Fri, 14 Jun 2024 09:58:55 +0000 (12:58 +0300)
committer	Borislav Petkov (AMD) <bp@alien8.de>
	Mon, 17 Jun 2024 15:46:02 +0000 (17:46 +0200)
commit	22daa42294b419a0d8060a3870285e7a72aa63e4
tree	fa9ac4ab6f6accd208905669e4beea434fe714f0	tree
parent	c3abbf1376874f0d6eb22859a8655831644efa42	commit \| diff

x86/mm: Add callbacks to prepare encrypted memory for kexec

AMD SEV and Intel TDX guests allocate shared buffers for performing I/O.
This is done by allocating pages normally from the buddy allocator and
then converting them to shared using set_memory_decrypted().

On kexec, the second kernel is unaware of which memory has been
converted in this manner. It only sees E820_TYPE_RAM. Accessing shared
memory as private is fatal.

Therefore, the memory state must be reset to its original state before
starting the new kernel with kexec.

The process of converting shared memory back to private occurs in two
steps:

- enc_kexec_begin() stops new conversions.

- enc_kexec_finish() unshares all existing shared memory, reverting it
back to private.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Tested-by: Tao Liu <ltao@redhat.com>
Link: https://lore.kernel.org/r/20240614095904.1345461-11-kirill.shutemov@linux.intel.com

arch/x86/include/asm/x86_init.h		diff \| blob \| blame \| history
arch/x86/kernel/crash.c		diff \| blob \| blame \| history
arch/x86/kernel/reboot.c		diff \| blob \| blame \| history
arch/x86/kernel/x86_init.c		diff \| blob \| blame \| history